Mageia 8: MGASA-2022-0085 Critical Flac Local Info Disclosure

mageia

March 6, 2022

In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check

Summary

In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. (CVE-2021-0561)

References

- https://bugs.mageia.org/show_bug.cgi?id=30098

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EWXBVMPPSL377I7YM55ZYXVKVMYOKES2/

- https://www.cve.org/CVERecord?id=CVE-2021-0561

Topics Covered

security advisory critical issue mageia local information disclosure flac package update

Resolution

SRPMS

- 8/core/flac-1.3.3-3.1.mga8

Severity

critical

Lowest

Low

Medium

High

Critical

Publication date: 06 Mar 2022

URL: https://advisories.mageia.org/MGASA-2022-0085.html

Type: security

CVE: CVE-2021-0561

Topics Covered

security advisory critical issue mageia local information disclosure flac package update

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 8: MGASA-2022-0085 Critical Flac Local Info Disclosure

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 8: MGASA-2022-0085 Critical Flac Local Info Disclosure

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!